Phishing scams are everywhere something we are already used to. It’s hard to find someone who has not received a fake message, email or missed call at least once from a number usually issued in an African or Asian country.
Criminals now and then begin new attempts to deceive uninterested Internet users, constantly improving methods known for years. Now we are dealing with an attack in which criminals are impersonating a known person bank (This is also nothing the new), but they do so with unprecedented precision.
They have carefully prepared a fake website from mBank
The Polish Financial Supervisory Authority’s Computer Security Incident Response Team (KNF CSIRT) has warned of the new scam. The criminals have prepared a special website, which perfectly simulates the appearance of the transaction service of mBank.
At first glance, the interface and the graphic design of the site, as well as the link, do not raise any objections. The scammers have taken care of the SSL certificate, thanks to which a distinctive lock icon is displayed next to the address bar. Reveals the fact that we are dealing with a phishing attack the details in the site address. Instead of the letter “a” in the name “mbank”, there was an almost identical letter, but with a small dot under the “a”.
We warn you about a fake website pretending to be mBank. Criminals use a special coding to cheat (…), making the dummy domain similar to the real one. be cerfull!
– We read in the tweet of CSIRT KNF.
The goal of the cybercriminals, of course, is to wipe the bank account of the potential victim. Internet users may be directed to the Website from various sources – for example from advertisements from search engines Internet or false emails pretending to be well-known companies or other organizations (such as postal companies or telecom operators). The designed website steals the login details instead of allowing actual access to the bank’s transaction service.
To protect yourself from this type of scam, we recommend that you be extra careful when clicking on the web and double-check that you are indeed dealing with a website of a company you trust. You also need to login to your transaction site (secure) the computerBy entering the bank’s website address manually or selecting it from the saved tabs.
“Infuriatingly humble musicaholic. Problem solver. Reader. Hardcore writer. Alcohol evangelist.”